"In addition, law enforcement has long demanded backdoor access
to private user devices and user data [61].
We do not believe that users of PGPP, in its current form,
would be capable of withstanding targeted legal or extra-legal
attacks by nation-state organizations (e.g., the FBI or NSA)"
Randomizing the IMSI is great and all, but it only protects against >20-year old interception techniques (e.g. Stingrays). Nothing to see here.
> In addition, law enforcement has long demanded backdoor access to private user devices and user data
Law enforcement has long demanded all sorts of things, but the presence of such a demand doesn't mean that they have the backdoors which that statement insinuates. If anything, the fact that law enforcement is having to publicly beg for private access suggests that they don't already have it (unless you believe that is a bluff).
> capable of withstanding targeted legal or extra-legal attacks by nation-state organizations
If your threat model includes "nation states are going to break their own laws to attack me" then you're not safe even if you never use a phone. In fact, you're not safe even if you never commit a crime.
"In addition, law enforcement has long demanded backdoor access to private user devices and user data [61]. We do not believe that users of PGPP, in its current form, would be capable of withstanding targeted legal or extra-legal attacks by nation-state organizations (e.g., the FBI or NSA)"
Randomizing the IMSI is great and all, but it only protects against >20-year old interception techniques (e.g. Stingrays). Nothing to see here.